CVE-2025-39979: Improper Update of Reference Count in Linux

Severity
7.6 HIGH
No vector
EPSS
0.0%
top 92.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Oct 15

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by releasing an HWS action of a local flow counter in mlx5_cmd_hws_delete_fte(), where the HWS action refcount and mutex were not initialized and the counter struct could already be freed when deleting the rule. Fix it by adding the missing initializations and adding refcount for the local flow counter struct. [1] Kernel log: Call Trace: dump_stack_

Affected Packages (4 packages)

Linux  linux/linux_kernel  6.14.0  6.16.10
Debian  linux/linux_kernel  < 6.16.10-1
CVEListV5  linux/linux  b581f4266928d3b5d1bbe711e39623d9a1696091  3c77f6d244188c3fb11f6aec40bbfe884f1803b5  +2
debian  debian/linux  < linux 6.16.10-1 (forky)

🔴 Vulnerability Details

3
GHSA
GHSA-52rq-cpwv-rvvm: In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by r (2025-10-15)
OSV
net/mlx5: fs, fix UAF in flow counter release (2025-10-15)
OSV
CVE-2025-39979: In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by rel (2025-10-15)

📋 Vendor Advisories

2
Red Hat
kernel: net/mlx5: fs, fix UAF in flow counter release (2025-10-15)
Debian
CVE-2025-39979: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: f... 2025